AirDrop has been an essential tool on iPhone, iPad, and Mac products for quite some time. Apple has positioned the system for users to securely transfer files, photos, and other media between devices and to other users. However, a newly discovered flaw in the AirDrop system raises concerns of its security.
According to a report from MacRumors, researchers at Germany’s Technische Universitat Darmadast have recently discovered that the process in which AirDrop verifies the person you are transferring content to is on your contact list uses a potentially flawed system.
AirDrop has three different modes tied to it including Receiving Off, Contacts Only, and Everyone. The default on AirDrop is set to ‘Contacts Only’, which means the in the backend, AirDrop must verify each user by requesting personal data from all devices within range to complete the transaction.
The TU Darmadast researchers identified that harmful attackers could abuse this system in order to obtain private information such as phone numbers, email addresses, etc.
As an attacker, it is possible to learn the phone numbers and email addresses of AirDrop users – even as a complete stranger. All they require is a Wi-Fi-capable device and physical proximity to a target that initiates the discovery process by opening the sharing pane on an iOS or macOS device.
The discovered problems are rooted in Apple’s use of hash functions for “obfuscating” the exchanged phone numbers and email addresses during the discovery process. Researchers from TU Darmstadt already showed that hashing fails to provide privacy-preserving contact discovery as so-called hash values can be quickly reversed using simple techniques such as brute-force attacks.
To determine whether the other party is a contact, AirDrop uses a mutual authentication mechanism that compares a user’s phone number and email address with entries in the other user’s address book.
TU Darmadast continues to state that Apple was informed of the flaw in May 2019. Although the company has released numerous software updates, the security issue remains untouched. The researchers even developed a secure approach to AirDrop, which they call PrivateDrop and came forward to Apple with their solution.